Adding an OpenDKIM TXT Record in Unbound Under pfSense

Use cases vary wildly, so this is a fairly generic post, and the primary reason I’m making it is because (as far as I can tell) this issue has never been raised on the pfSense forums (or anywhere else).

If you need to create a long (secure) txt record in Unbound (pfSense calls this “DNS Resolver”), you do it exactly the same way you would under BIND/named as described here. The trick is getting the spacing and quoting done correctly, and in practice, your record will look something like this:

Note that the key portion will come back with quotes and a space in the middle (in the example above the space is between RS” and “p), and this is OK because standards-compliant validating receivers will be smart enough to concatenate the key parts before running calculations.

If you get the above configured correctly and if the rest of your puzzle pieces are present and properly placed, the end result is something like this on the recipient-end of your outbound messages: